Bug 212669

Summary: change ipfw to all table all destroy
Product: Base System Reporter: John Zielinski <avernar>
Component: binAssignee: Andrey V. Elsukov <ae>
Status: Closed FIXED    
Severity: Affects Only Me CC: ae
Priority: --- Keywords: patch
Version: 11.0-RC1   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
patch to add the feature none

Description John Zielinski 2016-09-13 19:59:13 UTC 
Created attachment 174743 [details]
patch to add the feature

It is very difficult to destroy all tables from script.  This is necessary when loading a completely new rules than use different tables.  The old tables would still hang around.

Please add all to table destroy:

#ipfw table all destroy

This would also make things easier for avoiding issues like: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=165939 and https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=184355

I've patched my ipfw so I could continue my firewall setup.  I've included my patch.  Adding the "are you sure?" logic to table destroy (and table flush) might also be a good idea but not in my patch.
Comment 1 Andrey V. Elsukov freebsd_committer freebsd_triage 2016-09-16 11:54:30 UTC 
We also has similar patch locally, but didn't moved to per-set tables yet. And you already found several bugs here :)
We have thought make destroying of per-set tables via `ipfw set N delete` together with rules in a set.
Comment 2 John Zielinski 2016-09-16 15:56:16 UTC 
A 'ipfw set N delete' would work for me as well as right now I'm using two commands to flush the rules in a set and then another to destroy all tables.
Comment 3 commit-hook freebsd_committer freebsd_triage 2017-05-02 17:16:53 UTC 
A commit references this bug:

Author: ae
Date: Tue May  2 17:16:24 UTC 2017
New revision: 317682
URL: https://svnweb.freebsd.org/changeset/base/317682

Log:
  Add `ipfw table all destroy` support.

  PR:		212669
  MFC after:	1 week

Changes:
  head/sbin/ipfw/ipfw.8
  head/sbin/ipfw/tables.c
Comment 4 commit-hook freebsd_committer freebsd_triage 2017-05-10 05:01:35 UTC 
A commit references this bug:

Author: ae
Date: Wed May 10 05:01:06 UTC 2017
New revision: 318131
URL: https://svnweb.freebsd.org/changeset/base/318131

Log:
  MFC r317682:
    Add `ipfw table all destroy` support.

    PR:		212669

Changes:
_U  stable/11/
  stable/11/sbin/ipfw/ipfw.8
  stable/11/sbin/ipfw/tables.c
Comment 5 Andrey V. Elsukov freebsd_committer freebsd_triage 2017-05-10 05:06:29 UTC 
Thanks!